Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-10-12 | smoketest: tftp-server: listen on dummy interface address rather then loopback | Christian Poessinger | |
2020-10-11 | tftp-server: T2974: migrate to get_config_dict() | Christian Poessinger | |
2020-10-11 | broadcast-relay: T2712: enable render trim_blocks | Christian Poessinger | |
2020-10-11 | smoketest: tftp-server: add initial testcases | Christian Poessinger | |
2020-10-11 | tftp-server: T2973: bugfix IPv6 listen address/port combination | Christian Poessinger | |
The mandatory colon for separating the IPv6 address and port was missing. | |||
2020-10-11 | nat: T2198: use proper validators for dnat translation address | Christian Poessinger | |
2020-10-11 | smoketest: nat: extend snat and add dnat test cases | Christian Poessinger | |
2020-10-11 | smoketest: nat: concentrate validation logic checks | Christian Poessinger | |
2020-10-09 | QAT: T2968: add support for Intel Atom C2000 processor | Christian Poessinger | |
2020-10-09 | login: T2492: remove empty plaintext-password node | Christian Poessinger | |
2020-10-08 | configd: T2931: workaround for suspected zmq bug | John Estabrook | |
2020-10-07 | Merge pull request #563 from lucasec/dns-source-address | Christian Poessinger | |
pdns_recursor: T2964: Expose query-local-address to dns config. | |||
2020-10-06 | pdns_recursor: T2964: Expose query-local-address to dns config. | Lucas Christian | |
In certain split DNS configurations, there is a need for more fine-grained control over the local address DNS forwarding uses to issue queries. The current pdns_recursor configuration allows the recursor to send queries from any available address on the interface the OS selects for the query, with no option to limit queries to a particular address or set of addresses. This commit exposes the `query-local-address` option in `recursor.conf` to users via the `service` `dns` `forwarding` `source-address` config node. If the parameter is unspecified, the default value of 0.0.0.0 (any IPv4 address) and :: (any IPv6 address) are used to match current behavior. Users who want more control can specify one or more IPv4 and IPv6 addresses to issue queries from. Per pdns_recursor docs, the recursor will load balance queries between any available addresses in the pools. Since IPv4 and IPv6 are different pools, note that specifying only one type of address will disable issuing queries for the other address family. | |||
2020-10-06 | openconnect: T2036: reuse accel-name-server.xml.i | Christian Poessinger | |
2020-10-06 | Merge pull request #565 from sever-sever/T2782 | Christian Poessinger | |
conf-mode: T2782: Restart rsyslog after changing timezone | |||
2020-10-06 | conf-mode: T2782: Restart rsyslog after changing timezone | sever-sever | |
2020-10-06 | xml: tftp-server: include/reuse port-number.xml.i | Christian Poessinger | |
2020-10-06 | xml: include: add common helper file for listen-address | Christian Poessinger | |
2020-10-06 | Merge pull request #564 from lucasec/doc-update | Daniil Baturin | |
Update search domain error message to match new validation logic | |||
2020-10-05 | Update search domain error message to match new validation logic. | Lucas Christian | |
(also converted file to unix line endings) | |||
2020-10-05 | wireless: T2963: remove default wpa mode key if passphares or RADIUS is unset | Christian Poessinger | |
Required to not trigger the "Misssing WPA key or RADIUS server" exception due to the new default value added in commit 2a0428bf ("wireless: T2963: set default 'both' on 'security wpa mode'"). | |||
2020-10-05 | wireless: T2963: set default "both" on "security wpa mode" | Christian Poessinger | |
2020-10-05 | validate: ipv6: mtu: T2427: wireless interface MTU is not configurable | Christian Poessinger | |
Commit 5db3d631 ("ifconfig: mtu: disallow MTU < 1280 bytes when IPv6 is enabled on the interface") checked the "mtu" key for it's value and the test only passed if mtu was larger then the required 1280 bytes when IPv6 address have been configured on the link. wireless (WiFi) interfaces have no MTU node - thus this always resulted in a Python KeyError. | |||
2020-10-05 | dhcp(v6)-server: T2961: use fqdn validator wnd move to include snipped | Christian Poessinger | |
Migrate the domain-search node (which occurs three times) to an includable snippet. Also re-use the fqdn validator to keep the regex patterns to as few locations as possible. | |||
2020-10-05 | Merge pull request #562 from lucasec/dhcpv6-stateless | Christian Poessinger | |
dhcpv6: T2961: support stateless dhcpv6 clients | |||
2020-10-05 | nat: T2951: use proper comments for source/destination logging | Christian Poessinger | |
For both source and destination NAT always the LOG name contained DST - which is definately false. This has been corrected to use SRC and DST on the appropriate rules. | |||
2020-10-04 | dhcpv6: T2961: support stateless dhcpv6 clients | Lucas Christian | |
This commit adds support for configuring the DHCPv6 server to serve "stateless" DHCPv6 clients (those that send an information-request message and do not request an address). The change introduces a `common-options` node at the `shared-network-name` level, which allows specifying options applicable to clients regardless of subnet assigned (or in the case of stateless clients, when no subnet is assigned). Parameters specified at the subnet level take precedence over those set at the shared-network level. Presently, only parameters that are meaningful to stateless clients have been exposed under `common-options`, as there is no precedent of exposing parameters at multiple levels under the current DHCPv4 or DHCPv6 configuration syntax. If desired, additional parameters could certainly be added with relative ease. | |||
2020-10-04 | smoketest: ntp: T2944: fix "allowed-networks statement" test | Christian Poessinger | |
Remove duplicate localhost listen IP addresses. Commit ca61add5e7 ("ntp: T2944: By default do not listen port 123 on any address") explicitly added listen statements for localhost. | |||
2020-10-04 | sstp: T2960: migrate to get_config_dict() and reusable templates | Christian Poessinger | |
2020-10-04 | pppoe-server: T2953: prepare common chap-secrets file | Christian Poessinger | |
2020-10-04 | pppoe-server: T2829: shift config migrators by one | Christian Poessinger | |
As VyOS vrux (1.2.7) requires a mirgator (1-to-2) for the MPPE node change (T2829) we need to shift all other migrators in 1.3 by one. As migrators probe the existance of nodes no negative side-effects are expected. | |||
2020-10-04 | pppoe-server: migrators: fix python style | Christian Poessinger | |
2020-10-04 | pppoe-server: T2829: fix broken migration script (exit called) | Christian Poessinger | |
A test statement was still present in the production code introduced in commit efeac80f8 ("pppoe-server: T2829: migrate 'ppp-options mppe' to leafNode"). This has been fixed. | |||
2020-10-04 | l2tp: pptp: pppoe-server: T2953: use common Accel-PPP MTU include file | Christian Poessinger | |
2020-10-04 | l2tp: pptp: sstp: pppoe-server: T2953: use common include for client-ip-pool | Christian Poessinger | |
2020-10-04 | pppoe-server: T2953: rename CLI local-ip to gateway-address | Christian Poessinger | |
Required to get a common CLI for all services provided by Accel-PPP. Once the CLI for each service is consitent - Jinja2 templates can be reused together with get_config_dict(). | |||
2020-10-04 | xml: include: add comment about source filename to every include snippet | Christian Poessinger | |
2020-10-04 | sstp: T2953: migrate gateway-address, client-ip-settings to common level | Christian Poessinger | |
* move "network-settings gateway-address" to "gateway-address" * move "network-settings client-ip-settings" to "client-ip-pool" | |||
2020-10-03 | sstp: T2953: migrate mtu to common level | Christian Poessinger | |
Preparation before using get_config_dict() and common Jinja2 templates. | |||
2020-10-03 | smoketest: sstp: pppoe: use common RADIUS tests | Christian Poessinger | |
2020-10-03 | vpn: sstp: T2008: set DA/CoA default port 1700 | Christian Poessinger | |
2020-10-03 | smoketest: sstp: add basic tests | Christian Poessinger | |
2020-10-03 | sstp: T2953: migrate name-server settions to common level | Christian Poessinger | |
In order to reuse as much as possible before migrationg to get_config_dict() and re-use Jinja2 snippets the name-server node must be moved one level up to 'set vpn sstp name-server'. | |||
2020-10-03 | openvpn: T2957: fix path to openvpn status file | Christian Poessinger | |
2020-10-03 | openvpn: T2957: | Marcus Hoff | |
Status file directory for show command was wrong, resulting in no output. Now points to '/var/run/openvpn/{}.status' | |||
2020-10-03 | smoketest: accel-ppp: prepare common base for multiple accel instance tests | Christian Poessinger | |
2020-10-03 | pppoe-server: T2936: three IPv6 name-servers are supported | Christian Poessinger | |
2020-10-03 | pppoe-server: T2936: move v4/v6 nameserver lists out of for loop | Christian Poessinger | |
2020-10-03 | Merge remote-tracking branch 'upstream/current' into current | Marcus Hoff | |
2020-10-03 | pppoe-server: T2956: make use of defaultValue list feature | Christian Poessinger | |